{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fa4d2c4c-18ec-5408-8f91-13704a5ca123", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-oxm", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f113caa1-5307-5c15-9427-9992085c78bf", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53e780c1-1d9f-5a63-aa46-530245e22b47", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06118760-e6e4-5111-b738-180b4f3f074d", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceeaa766-9267-5f9d-b3e7-98435d62d788", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19069721-fcc4-5e58-9a68-f5d2b160364c", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8eea1b47-19cb-5642-bcd6-b9f9592a4c36", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1711a2e7-c615-57f1-b31d-17a1346b5590", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5634c319-e370-576d-ad0d-36aa87f292fa", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a02548c8-6f22-558d-8856-22e80db7e5af", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5a14ac5-12c6-5267-bc4c-70360991a2a0", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cff2d2d-3e05-57de-b941-d2c5ddbc4703", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:599e3278-5069-580a-96bf-a1865199e7e3", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a18ce029-c879-5fe3-bcca-51a5487971c1", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99e275b3-9068-578c-897b-e64ef8bcd8f0", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3029719-00d8-5492-abe2-ff3611c8e72c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30e42fe7-829d-5999-bc96-095e5b096f58", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7210f3c-6626-5ac4-b26d-abad7a63d02e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2c27ec4-c6ac-56eb-9789-11d327d32149", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a5fd590-531c-5dea-9bb4-799f412c45b0", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cf28cab-1d62-56f4-86d3-8ff0b21c1c77", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4802fe33-2d88-5632-8911-d3f8cf1d5167", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1058458-ee5c-5f4e-aa7b-d0bedaac02ef", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring-oxm." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-oxm@5.3.25-tuxcare.2" } ] }